package com.we823.cms.core.security.shiro.filter;

import java.io.IOException;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.util.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

import com.we823.cms.common.WebConstants;
import com.we823.cms.model.sys.User;
import com.we823.cms.repository.service.sys.UserService;

/**
 * Created by ZhangYinxian on 2014/12/5.
 */
public class SysUserFilter extends AccessControlFilter {
    private final Logger logger = LoggerFactory.getLogger(SysUserFilter.class);

    @Autowired
    private UserService userService;
    
    //用户无法找到重定向url
    private String userNotFoundUrl;
    //用户被锁定的重定向url
    private String userBlockedUrl;
    //未知错误重定向url
    private String UnknownErrorUrl;

    public String getUserNotFoundUrl() {
        return userNotFoundUrl;
    }

    public void setUserNotFoundUrl(String userNotFoundUrl) {
        this.userNotFoundUrl = userNotFoundUrl;
    }

    public String getUserBlockedUrl() {
        return userBlockedUrl;
    }

    public void setUserBlockedUrl(String userBlockedUrl) {
        this.userBlockedUrl = userBlockedUrl;
    }

    public String getUnknownErrorUrl() {
        return UnknownErrorUrl;
    }

    public void setUnknownErrorUrl(String unknownErrorUrl) {
        UnknownErrorUrl = unknownErrorUrl;
    }

    public UserService getUserService() {
        return userService;
    }

    public void setUserService(UserService userService) {
        this.userService = userService;
    }

    @Override
    protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
        logger.debug("preHandle");
        Subject subject = getSubject(request,response);
        if(subject==null){
            return true;
        }

        String username = (String)subject.getPrincipal();
        User userModel = userService.findByUsername(username);
        request.setAttribute(WebConstants.CURRENT_USER,userModel);

        return true;
    }

    @Override
    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object o) throws Exception {
        logger.debug("isAccessAllowed");
        User userModel = (User) servletRequest.getAttribute(WebConstants.CURRENT_USER);
        if(userModel==null){
            return true;
        }
        if(userModel.getDeleted()==1 || userModel.getBlocked()==1){
            getSubject(servletRequest,servletResponse).logout();
            saveRequestAndRedirectToLogin(servletRequest,servletResponse);
            return false;
        }
        return true;
    }

    @Override
    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        logger.debug("onAccessDenied");
        getSubject(servletRequest, servletResponse).logout();
        saveRequestAndRedirectToLogin(servletRequest,servletResponse);
        return true;
    }

    @Override
    protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException {
        logger.debug("redirectToLogin");
        User userModel = (User) request.getAttribute(WebConstants.CURRENT_USER);
        String url = null;
        if(userModel==null){
            url = getUnknownErrorUrl();
        }else if(userModel.getBlocked()==1){
            url = getUserBlockedUrl();
        }else if(userModel.getDeleted()==1){
            url = getUserNotFoundUrl();
        }
        WebUtils.issueRedirect(request,response,url);
    }
}
